Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/f-HfYE3tX08g41YUmhXPV2WaVRA.roa
File: f-HfYE3tX08g41YUmhXPV2WaVRA.roa (raw, json)
Hash identifier: R8ct2mrJ7mgy8m10CdOIH7/hc01eqWXKbXHIQEYh2JM=
Subject key identifier: 7F:E1:DF:60:4D:ED:5F:4F:20:E3:56:14:9A:15:CF:57:65:9A:55:10
Certificate issuer: /CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Certificate serial: 0195CC343C2527EF531830A0F1D706B4DE75
Authority key identifier: D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/f-HfYE3tX08g41YUmhXPV2WaVRA.roa
Signing time: Tue 25 Mar 2025 07:28:50 +0000
ROA not before: Tue 25 Mar 2025 07:28:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213839
IP address blocks: 193.168.203.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:cc:34:3c:25:27:ef:53:18:30:a0:f1:d7:06:b4:de:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Validity
Not Before: Mar 25 07:28:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7fe1df604ded5f4f20e356149a15cf57659a5510
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:1b:05:80:8c:c7:00:6c:20:20:1a:a6:33:f7:
ed:67:fe:c3:ee:b3:f8:1f:9d:b9:fa:3b:7d:1c:51:
6a:c9:4b:c7:fa:7b:bc:82:ad:7d:49:e0:98:31:5d:
b3:02:af:7b:30:8b:f9:4f:8c:d7:01:89:fe:92:95:
08:1f:30:4a:5e:22:8d:78:a5:43:db:0d:b0:d3:01:
f0:8c:6e:1a:6d:99:f7:7f:5e:93:13:aa:25:4e:62:
6c:92:c4:3d:82:40:0a:e7:7f:b2:27:f3:5a:e3:71:
d0:fa:98:ef:e0:80:08:9f:e5:5e:c5:4b:7e:05:b4:
76:76:ba:e9:0a:2a:85:d6:ef:62:ac:71:b4:6e:bb:
45:f5:0b:34:1b:70:c7:7e:fc:16:33:3a:fe:d9:88:
93:9f:10:3f:92:59:3f:49:9d:f8:e4:13:96:59:30:
30:fd:46:62:c4:f5:51:6d:e5:b2:fa:61:21:48:c8:
2b:68:84:ed:81:ae:94:ad:46:b2:84:85:89:3a:f6:
96:b4:b3:b8:59:48:25:59:d4:c5:6b:15:2d:2d:1a:
77:11:d4:ea:39:a3:b5:81:5e:f2:3b:6b:c8:d3:95:
9d:3d:a0:dd:22:77:9c:2d:94:68:95:7c:19:1f:07:
7e:23:bc:bb:d5:42:e4:1e:da:a0:03:ce:59:ac:79:
5b:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:E1:DF:60:4D:ED:5F:4F:20:E3:56:14:9A:15:CF:57:65:9A:55:10
X509v3 Authority Key Identifier:
keyid:D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/f-HfYE3tX08g41YUmhXPV2WaVRA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.168.203.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:6b:10:e8:0e:c4:2c:43:c1:8f:f9:5f:45:4b:b8:c6:2d:ef:
9a:19:e3:6a:94:37:0c:61:a5:47:16:c2:cf:84:03:72:2a:0c:
e2:0f:10:b6:c3:6e:c3:04:40:be:e9:9e:96:03:a7:e0:b8:6c:
b2:d0:6b:ad:3d:af:ac:5e:2b:4a:d7:03:3b:57:37:21:d4:3c:
c0:c3:1d:db:32:eb:0b:b5:42:e8:14:93:39:8c:8d:62:d6:b7:
fa:55:86:23:2e:1d:58:17:c7:fd:ae:33:7d:2a:33:1c:dd:c5:
c8:de:3f:45:ca:c0:ee:bd:05:81:5e:20:3b:2d:5e:a5:a4:8d:
f2:7b:65:b0:fd:7c:2f:2d:45:78:e6:11:e6:08:a1:73:91:ab:
c9:3d:d6:66:14:0e:df:e5:16:bb:7c:b2:80:87:ca:8b:10:54:
89:51:88:d4:4a:8d:b0:fe:e2:12:8b:a1:8d:76:57:ef:48:fd:
31:28:d6:19:08:25:cc:83:b6:97:3d:cc:42:d4:02:c4:90:2c:
97:74:7c:53:31:b1:16:b4:08:ec:27:e4:26:ba:d9:36:af:02:
4c:ca:b1:f1:bb:09:c8:77:ea:e1:95:c6:83:a3:67:38:6a:8c:
61:6d:4b:76:14:78:e4:e5:94:0c:2a:12:bb:48:f0:ae:91:79:
aa:53:81:7d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZXMNDwlJ+9TGDCg8dcGtN51MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwOGRhOWNmMDBkNGQ1OGI4NTRmZmM2MjAxMGYyMzViMDZk
ZjM1NGEwHhcNMjUwMzI1MDcyODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmUxZGY2MDRkZWQ1ZjRmMjBlMzU2MTQ5YTE1Y2Y1NzY1OWE1NTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRsFgIzHAGwgIBqmM/ftZ/7D7rP4
H525+jt9HFFqyUvH+nu8gq19SeCYMV2zAq97MIv5T4zXAYn+kpUIHzBKXiKNeKVD
2w2w0wHwjG4abZn3f16TE6olTmJsksQ9gkAK53+yJ/Na43HQ+pjv4IAIn+VexUt+
BbR2drrpCiqF1u9irHG0brtF9Qs0G3DHfvwWMzr+2YiTnxA/klk/SZ345BOWWTAw
/UZixPVRbeWy+mEhSMgraITtga6UrUayhIWJOvaWtLO4WUglWdTFaxUtLRp3EdTq
OaO1gV7yO2vI05WdPaDdInecLZRolXwZHwd+I7y71ULkHtqgA85ZrHlb6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH/h32BN7V9PIONWFJoVz1dlmlUQMB8GA1UdIwQY
MBaAFNCNqc8A1NWLhU/8YgEPI1sG3zVKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYt
MjBlMTk3ODBjYjJlLzEvZi1IZllFM3RYMDhnNDFZVW1oWFBWMldhVlJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYtMjBlMTk3ODBjYjJl
LzEvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwajLMA0G
CSqGSIb3DQEBCwUAA4IBAQBtaxDoDsQsQ8GP+V9FS7jGLe+aGeNqlDcMYaVHFsLP
hANyKgziDxC2w27DBEC+6Z6WA6fguGyy0GutPa+sXitK1wM7Vzch1DzAwx3bMusL
tULoFJM5jI1i1rf6VYYjLh1YF8f9rjN9KjMc3cXI3j9FysDuvQWBXiA7LV6lpI3y
e2Ww/XwvLUV45hHmCKFzkavJPdZmFA7f5Ra7fLKAh8qLEFSJUYjUSo2w/uISi6GN
dlfvSP0xKNYZCCXMg7aXPcxC1ALEkCyXdHxTMbEWtAjsJ+Qmutk2rwJMyrHxuwnI
d+rhlcaDo2c4aoxhbUt2FHjk5ZQMKhK7SPCukXmqU4F9
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:13:13 2025 by rpki-client